- Pupy is a RAT (Remote Access Trojan) malware that supports cross-platform.
- It is an open-source code that is continuously used by various attackers, including APT groups.
- APT35 group, known to be associated with Iran, has been reported to use Pupy RAT.
- Pupy RAT was also used in Operation Earth Berberoka, targeting online gambling sites.
- A new variant of Pupy RAT called Decoy Dog was discovered, which targeted networks of companies in Russia and Eastern Europe.
- This article provides a basic explanation of Pupy RAT and analyzes various attack cases.
https://asec.ahnlab.com/ko/64073/